Ich möchte auf phpBB3 umsteigen, brauche dort aber ein selbst geschriebenes Script. Was muss ich ändern, damit es auch (nur) unter phpBB3 sicher läuft?
<?php
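// Bootstrap: load the phpBB 2 framework, start the session, print the page
// header and open the database connection used by the registration form below.
//
// NOTE(review): extension.inc, session_pagestart() and init_userprefs() are the
// phpBB 2 bootstrap. phpBB 3 starts a page with $user->session_begin(),
// $auth->acl($user->data) and $user->setup(), and ships its own database layer
// ($db->sql_query(), $db->sql_escape()), so a second mysql_connect() with
// credentials hard-coded in this file should not be needed after the migration.
define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
include($phpbb_root_path . 'includes/page_header.'.$phpEx);

// Sender / recipient of the notification mails and the script's error log.
// NOTE(review): $email_from is later used as the From: address although it is
// not an e-mail address — confirm the mail server accepts it.
$email_from = 'Toolservice';
$email_to = 'admin@***.de';
$FEHLER = array();

// Connection problems are written to the server log only. Printing
// mysql_error() to the visitor would disclose host, user and schema details.
if (!mysql_connect("localhost","***","***")) {
    error_log('tool_order: mysql_connect failed: ' . mysql_error());
    die('Datenbankfehler.');
}
if (!mysql_select_db("***")) {
    error_log('tool_order: mysql_select_db failed: ' . mysql_error());
    die('Datenbankfehler.');
}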
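// Server-side validation of the submitted registration form.
// Results used by the code that follows this block:
//   $allesok                            1 when every check passed, otherwise 0
//   $error                              per field: status icon ('name') and message ('name1')
//   $loginusername, $allytag, $email    values reused for the notification mails
$allesok = 0; // stays 0 while the form has not been submitted, so the form is shown
$error = array();

if (isset($_POST['ueberpruefung'])) {
    $allesok = 1;

    // Read every field as a string; array-style parameters (name[]=x) count as empty.
    $tool_input = array();
    foreach (array('name', 'tag', 'forum', 'email', 'uni') as $tool_field) {
        $tool_input[$tool_field] = (isset($_POST[$tool_field]) && is_string($_POST[$tool_field]))
            ? $_POST[$tool_field]
            : '';
    }

    // Sub-domain name: 3-8 ASCII letters or digits.
    // \z instead of $ because $ would also accept a value ending in a newline.
    if (!preg_match('/^[a-zA-Z0-9]{3,8}\z/', $tool_input['name'])) {
        $allesok = 0;
        $error['name'] = '<img src="../images/disable.gif">';
        $error['name1'] = '<font size="1">maximal 8 Zeichen ohne Umlaute oder Sonderzeichen<br>nur aus Groß/Kleinbuchstaben und Zahlen</font>';
    } else {
        // Reject names that are already taken. The value is alphanumeric at this
        // point, but it is escaped anyway so the query stays safe if the pattern
        // above is ever relaxed.
        $sql = "SELECT count(*) AS anzahl FROM tool_order WHERE name = '" . mysql_real_escape_string($tool_input['name']) . "'";
        $query = mysql_query($sql);
        if ($query === false) {
            // The original tested the SQL string (always truthy) and therefore
            // accepted the name whenever the lookup failed. Fail closed instead.
            $FEHLER[] = "File: " . __FILE__ . " | Line: " . __LINE__ . " | Error: " . mysql_error() . " |-";
            $allesok = 0;
            $error['name'] = '<img src="/images/disable.gif">';
            $error['name1'] = "Der Name konnte gerade nicht geprüft werden, bitte versuche es später erneut.";
        } else {
            $row = mysql_fetch_object($query);
            if ($row && $row->anzahl == 0) {
                $error['name'] = '<img src="/images/enable.gif">';
            } else {
                $allesok = 0;
                $error['name'] = '<img src="/images/disable.gif">';
                $error['name1'] = "Name schon vergeben, bitte versuche einen anderen.";
            }
        }
    }
    $loginusername = $tool_input['name'];

    // Alliance tag: must not be empty.
    if (empty($tool_input['tag'])) {
        $allesok = 0;
        $error['tag'] = '<img src="/images/disable.gif">';
        $error['tag1'] = "Bitte Allianz Tag eingeben";
    } else {
        $error['tag'] = '<img src="/images/enable.gif">';
    }
    // stripslashes() presumably undoes magic_quotes_gpc — confirm for the target server.
    $allytag = mysql_real_escape_string(trim(stripslashes($tool_input['tag'])));

    // Forum link: must not be empty.
    // NOTE(review): only presence is checked. If this value is ever rendered as
    // a clickable link, restrict it to http:// and https:// URLs first.
    if (empty($tool_input['forum'])) {
        $allesok = 0;
        $error['forum'] = '<img src="/images/disable.gif">';
        $error['forum1'] = "Bitte Link zum Forum eingeben";
    } else {
        $error['forum'] = '<img src="/images/enable.gif">';
    }

    // E-mail address: validate the same trimmed value that is stored and mailed.
    // filter_var() replaces ereg(), whose pattern ".+@.+\..+" also let line
    // breaks through and which is deprecated since PHP 5.3.
    $email = trim(stripslashes($tool_input['email']));
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        $allesok = 0;
        $error['email'] = '<img src="/images/disable.gif">';
        $error['email1'] = "Bitte überprüfe deine Emailadresse";
    } else {
        $error['email'] = '<img src="/images/enable.gif">';
    }

    // Universe: digits only and within the range the form offers (1-71).
    // is_numeric() also accepted values such as "1e5", "-3" or ".5".
    if (ctype_digit($tool_input['uni']) && (int) $tool_input['uni'] >= 1 && (int) $tool_input['uni'] <= 71) {
        $error['uni'] = '<img src="/images/enable.gif">';
    } else {
        $allesok = 0;
        $error['uni'] = '<img src="/images/disable.gif">';
        $error['uni1'] = "Bitte wähle ein Universum aus";
    }
}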
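// When all checks passed: store the request, send the verification and admin
// mails and show a summary. Otherwise show the form with per-field messages.

// HTML-escaped copies of the submitted values; every echo below uses these,
// never $_POST directly, so markup in a field cannot reach the page.
// The charset argument is left at the PHP default — NOTE(review): pass the
// board's charset explicitly once it is known.
$tool_safe = array();
foreach (array('name', 'tag', 'forum', 'email', 'uni') as $tool_field) {
    $tool_safe[$tool_field] = (isset($_POST[$tool_field]) && is_string($_POST[$tool_field]))
        ? htmlspecialchars($_POST[$tool_field], ENT_QUOTES)
        : '';
}

// Per-field icons/messages with empty defaults. These strings are built by the
// script itself (static HTML), so they are printed unescaped.
$tool_msg = array();
foreach (array('name', 'name1', 'tag', 'tag1', 'forum', 'forum1', 'email', 'email1', 'uni', 'uni1') as $tool_key) {
    $tool_msg[$tool_key] = isset($error[$tool_key]) ? $error[$tool_key] : '';
}

// $usePHPMailer and the $phpmailer* settings are not defined in this file;
// presumably they come from an included configuration — confirm.
$tool_use_mailer = !empty($usePHPMailer);

if (isset($allesok) && $allesok == 1) {
    if ($tool_use_mailer) {
        // NOTE(review): chdir('/phpmailer') is an absolute path and chdir('../')
        // afterwards leaves the working directory at the filesystem root, not at
        // the original directory — verify the intended location.
        chdir('/phpmailer');
        require "class.phpmailer.php"; // PHPMailer library
        chdir('../');
        $phpmailerU = new PHPMailer(); // mailer for the message to the user
        $phpmailerU->IsSMTP(); // send using SMTP
        $phpmailerU->Host = "$phpmailerHost"; // SMTP server to use
        $phpmailerU->SMTPAuth = true; // use SMTP authentication
        $phpmailerU->Username = "$phpmailerUser"; // SMTP username
        $phpmailerU->Password = "$phpmailerPass"; // SMTP password
        $phpmailerU->From = "$email_from"; // sender address
        $phpmailerU->FromName = "Allytools.de"; // sender name
        $phpmailerU->WordWrap = 80; // wrap lines at 80 characters
        $phpmailerU->IsHTML(false); // plain-text mail
    }

    // Store the request. Every value is escaped for SQL here; the original
    // concatenated tag and forum link unescaped into the statement.
    // Slashes are removed first only when magic_quotes_gpc added them.
    $tool_magic = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $tool_sql = array();
    foreach (array('name', 'tag', 'forum', 'uni') as $tool_field) {
        $tool_raw = (isset($_POST[$tool_field]) && is_string($_POST[$tool_field])) ? $_POST[$tool_field] : '';
        $tool_sql[$tool_field] = mysql_real_escape_string($tool_magic ? stripslashes($tool_raw) : $tool_raw);
    }
    $query = "INSERT INTO tool_order (name,tag,link_forum,email,email_ok,uni,ally,date_anfrage)
VALUES ('".$tool_sql['name']."','".$tool_sql['tag']."','".$tool_sql['forum']."','".mysql_real_escape_string($email)."','0','".$tool_sql['uni']."','0',NOW())";
    $tool_insert_ok = mysql_query($query);
    // Test the query result; the original tested the SQL string, which is never false.
    // NOTE(review): the mails and the "data saved" summary still follow a failed
    // insert, as before — consider showing an error page instead.
    if (!$tool_insert_ok) { $FEHLER[] = "File: " . __FILE__ . " | Line: " . __LINE__ . " | Error: " . mysql_error() . " |-"; }

    // Verification link. The address is URL-encoded so that characters such as
    // "+" or "&" survive in the query string.
    // NOTE(review): the host part comes from the client-supplied Host header and
    // the link carries only the e-mail address, so anybody who knows an address
    // could confirm it. A configured base URL and a random per-request token
    // stored with the row would close both gaps (needs a change in verify.php).
    $link = strtolower(strtok($_SERVER['SERVER_PROTOCOL'], '/')).'://'.$_SERVER['HTTP_HOST']."/verify.php?action=verify&email=".urlencode($email);
    $link .= "\n\n";

    // Defensive: a recipient must never contain line breaks (header injection).
    $tool_mail_to = str_replace(array("\r", "\n"), '', $email);

    if ($tool_use_mailer) {
        $phpmailerU->AddAddress($tool_mail_to); // recipient
        $phpmailerU->Subject = "Rgistrierung abschliessen"; // subject
        $phpmailerU->Body = "Bitte floge dem Link um die Registrierung abzuschließen" ."\n\n\n".$link; // body
        $result = ($phpmailerU->Send()); // send and keep the outcome
    } else {
        // send the verification mail through the local mail server
        $headers = "From: ".$email_from."\r\n" .
            'X-Mailer: PHP/' . phpversion() . "\r\n" .
            "MIME-Version: 1.0\r\n" .
            "Content-Type: text/plain; charset=utf-8\r\n" .
            "Content-Transfer-Encoding: 8bit\r\n\r\n";
        $result = mail($tool_mail_to, "Rgistrierung abschliessen", "Bitte floge dem Link um die Registrierung abzuschließen" ."\n\n\n".$link, $headers);
    }

    // Notify the tool administrator
    if ($email_to != 'none@none.com' && !empty($email_to)) {
        $link1 = 'http://admin.allytools.de';
        if ($tool_use_mailer) {
            // The original used $phpmailerA without ever creating it. Reuse the
            // SMTP settings of the user mailer and drop its recipients.
            $phpmailerA = clone $phpmailerU;
            $phpmailerA->ClearAllRecipients();
            $phpmailerA->AddAddress($email_to); // recipient
            $phpmailerA->Subject = "Toolregistrierung"; // subject
            $phpmailerA->Body = "Es gibt neue Toolregistrierungen"."\n\nName: $loginusername\nAlly:$allytag\n\nlink: $link1";
            $result = ($phpmailerA->Send()); // send and keep the outcome
        } else {
            // send through the local mail server
            $headers = "From: ".$email_from."\r\n" .
                'X-Mailer: PHP/' . phpversion() . "\r\n" .
                "MIME-Version: 1.0\r\n" .
                "Content-Type: text/plain; charset=utf-8\r\n" .
                "Content-Transfer-Encoding: 8bit\r\n\r\n";
            $result = mail($email_to, "Toolregistrierung" ,"Es gibt neue Toolregistrierungen"."\n\nName: $loginusername\nAlly:$allytag\n\nlink: $link1", $headers);
        }
    }

    // Summary of the stored data (escaped values only)
    echo'
<body>
<table width="70%" cellpadding="3" cellspacing="2" border="0" class="forumline" align="center">
<tr>
<th colspan="2">Allytools</th>
</tr>
<tr>
<td class="row1" colspan="2">Es wurden folgende Daten gespeichert<br><br></td>
</tr>
<tr>
<td class="row1" width="17%">Name :</td>
<td class="row1" width="80%">'.$tool_safe['name'].'.allytools.de</td>
</tr>
<tr>
<td class="row1" width="17%">Allianz Tag :</td>
<td class="row1" width="80%">'.$tool_safe['tag'].'</td>
</tr>
<tr>
<td class="row1" width="17%">Link zum Forum :</td>
<td class="row1" width="80%">'.$tool_safe['forum'].'</td>
</tr>
<tr>
<td class="row1" width="17%">Email :</td>
<td class="row1" width="80%">'.$tool_safe['email'].'</td>
</tr>
<tr>
<td class="row1" width="17%">Universum :</td>
<td class="row1" width="80%">'.$tool_safe['uni'].'</td>
</tr>
<tr>
<td class="row1" colspan="2"> <p>Du wirst in kürze eine Email mit einem Link<br>zum bestätigen deiner Mailadresse erhalten</td>
</tr>
</table>
</body>';
}
// Validation failed or form not yet submitted: show the form
else
{
?>
<table width="70%" cellpadding="3" cellspacing="1" border="0" class="forumline" align="center">
<tr>
<th>Allytools</th>
</tr>
<tr>
<td class="row1" align="center">
<span class="genmed"><b>Bitte fülle <u>alle</u> Felder aus:</b></span>
</td></tr><tr><td class="row1" align="center">
<table width="70%" cellpadding="3" cellspacing="1" border="0" class="forumline" align="center">
<form name="Tutorial" method="POST" action="">
<table border="0" width="100%" id="table1" height="30">
<tr>
<td class="row1" width="140" height="30">Name der Subdomain</td>
<td class="row1" width="140" height="30"><input type="text" name="name" size="8" value="<?php echo $tool_safe['name'];?>">.allytools.de</td>
<td class="row1" width="30" height="30" align="center"><?php echo $tool_msg['name'];?></td>
<td class="row1" height="30"><?php echo $tool_msg['name1'];?></td>
</tr>
<tr>
<td class="row1" width="140" height="30">Allianz Tag</td>
<td class="row1" width="140" height="30"><input type="text" name="tag" size="20" value="<?php echo $tool_safe['tag'];?>"></td>
<td class="row1" height="30" width="30" align="center"><?php echo $tool_msg['tag'];?></td>
<td class="row1" height="30"><?php echo $tool_msg['tag1'];?></td>
</tr>
<tr>
<td class="row1" width="140" height="30">Link zum Forum</td>
<td class="row1" width="140" height="30"><input type="text" name="forum" size="20" value="<?php echo $tool_safe['forum'];?>"></td>
<td class="row1" height="30" width="30" align="center"><?php echo $tool_msg['forum'];?></td>
<td class="row1" height="30"><?php echo $tool_msg['forum1'];?></td>
</tr>
<tr>
<td class="row1" width="140" height="30">Email</td>
<td class="row1" width="140" height="30"><input type="text" name="email" size="20" value="<?php echo $tool_safe['email'];?>"></td>
<td class="row1" height="30" width="30" align="center"><?php echo $tool_msg['email'];?></td>
<td class="row1" height="30"><?php echo $tool_msg['email1'];?></td>
</tr>
<tr>
<td class="row1" width="140" height="30">Universum</td>
<td class="row1" width="140" height="30">
<select size="1" name="uni">
<option selected><?php echo $tool_safe['uni'];?></option>
<?php
    // Universes 1-71, generated instead of listed one by one
    for ($tool_uni = 1; $tool_uni <= 71; $tool_uni++) {
        echo '<option>' . $tool_uni . "</option>\n";
    }
?>
</select></td>
<td class="row1" width="30" height="30" align="center"><?php echo $tool_msg['uni'];?></td>
<td class="row1" height="30"><?php echo $tool_msg['uni1'];?></td>
</tr>
</table>
<input type="hidden" name="ueberpruefung" value="1">
<input class="button" type="submit" name="Tutorial" value="Absenden">
</form>
</table>
</table>
<?php
}
// Close the page with the phpBB footer
include($phpbb_root_path . 'includes/page_tail.'.$phpEx);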
?>
MFG Dennis